Canada’s law enforcement has reportedly confirmed it’s been using malware to infiltrate mobile devices and collect data
Canada’s Royal Mounted Police (RCMP) have disclosed that they use spyware to infiltrate mobile devices and collect data, according to a public statement made on Thursday by a Canadian rights organization.
The country’s Civil Liberties Association (CCLA) claims it found the revelation buried in a document presented to the Canadian Parliament on June 22, 2022. The RCMP’s admission reportedly came in response to lawmakers questioning the government’s use of surveillance on Canadian citizens. As stated by the CCLA, this marks the first time a police service in Canada has openly admitted to using controversial and invasive surveillance tools in targeted investigations.
The document was previously reported by Politico, which stated that the RCMP’s Covert Access and Intercept Team (CAIT) used “on-Device Investigative Tools” to remotely collect texts, emails, photos, videos, financial information and even turn on microphones and cameras remotely on target devices. The process was reportedly used only after obtaining a warrant, and implemented in 10 investigations between 2018 and 2020. It is also noted that Canada’s privacy commissioner was not consulted on the use of such methods.
The national police force reportedly stated that the proliferation of encrypted communication methods served as the primary reason for employing these tactics, writing in their disclosure that “In less than a generation, a high number of Canadians migrated their daily communications from a small number of large telecommunication service providers, all of which provided limited and centrally controlled services to customers, to countless organizations in Canada and elsewhere that provide a myriad of digital services to customers.”
“That decentralization, combined with the widespread use of end-to-end encrypted voice and text-based messaging services, make it exponentially more difficult for the RCMP to conduct court-authorized electronic surveillance,” Politico quoted the disclosure as saying.
However, as the CCLA points out, the document fails to clarify exactly what kind of investigations were deemed to warrant the use of these intrusive tools, or what specific tools the agency resorted to, or who supplied them.
“Is it one of the many vendors of spyware known for selling such tools to authoritarian states who use it to target human rights defenders and journalists? What are the internal decision and authorization processes undertaken to authorize this nuclear option for surveillance of Canadians? Why was the Privacy Commissioner not consulted when the invasiveness and controversial nature of such tools on the world stage is explicit and well known?,” questioned the CCLA.
The organization has called for public transparency on the issue and urged for open discussion on the “appropriateness of the use of such tools” as well as the legal safeguard and frameworks needed to ensure accountability for using these methods against Canadian citizens.